Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In November 2024, I participated in SCinet with the Network Security team at SC24. My job was supporting Corelight sensors and threat hunting using the data the sensors produced. This engagement allowed for a very constructive comparison between the networking challenges at SC and Black Hat USA, where I had the honor of working in the Network Operations Center (NOC) a few months earlier. At SC, I felt immersed in the cutting-edge world of research computing with people showcasing the fastest everything.

In today’s digital landscape, network failures and data breaches are not just technical headaches or concerns for CISOs only, they can trigger major legal consequences. Regulatory agencies are sharpening their focus on cybersecurity, and class-action lawsuits, hefty fines, and reputational damage are real risks. For legal teams and boards, ensuring compliance, conducting robust due diligence, and being ready for litigation is not optional; it is a must.

Cybercriminals often exploit outdated vulnerabilities – quite literally. While organizations focus on addressing the latest zero-day threats, attackers continue to profit by targeting weaknesses that should have been resolved long ago. Some of these Common Vulnerability and Exposures (CVEs) date back nearly a decade, yet they remain heavily exploited. This trend proves that old flaws never truly disappear.

In line with our philosophy of delivering an exceptional customer experience, Cato Networks has added a knowledge-base AI assistant as part of the Cato SASE Cloud Platform. The AI assistant provides accurate, relevant answers to questions about using Cato’s many capabilities with detailed, step-by-step instructions uniquely suited to the user’s situation and circumstance.

For years, IT teams have been stuck in a reactive mode, scrambling to fix network performance issues only after users start complaining. Despite an abundance of monitoring tools, the real challenge has always been identifying and resolving issues before they impact productivity—without spending countless hours on manual troubleshooting.

Small businesses are becoming primary targets for cyberattacks. Attackers know that small businesses often lack the security resources of larger enterprises, making them an easy entry point for data breaches, ransomware, and website takeovers.

Network troubleshooting was always a crucial but intimidating element of guaranteeing error-free connection and operational proficiency. Packet Captures (PCAPs) are the go-to standard solution for diagnosing connectivity problems, locating network impediments, and uncovering ultimate causes of failure. As strong as PCAPs are, however, traditional manual methods for deciphering them are limited to built-in faults.

Today, when online threats are always changing, it's more important than ever to keep your network safe. Keep your computer safe with a stateful firewall. It keeps an eye on all open links and sorts data smartly based on security rules, state, and context. In real time, stateful firewalls can decide how to protect your network because they keep track of all live sessions. Without a state, filters look at each file separately, which is not the same thing.

Hey folks, let's be real. Change in the tech world can be a real pain. Especially when it's not on your terms. We've all heard the news about Skybox closing its doors, and if you're like a lot of us, you're probably feeling a mix of frustration and "what now?" It's tough when a private equity decision, like the one impacting Skybox, shakes up your network security strategy. You've invested time and resources in your Skybox implementation, and now you're looking at a forced switch.

Zeek is a powerful open-source network analysis tool that allows users to monitor traffic and detect malicious activities. Users can write packages to detect cybersecurity events, like this GitHub repo that detects C2 from AgentTesla (a well-known malware family). Automating summarization and documentation using AI is often helpful when analyzing Zeek packages.